No, is that something that would make a difference between 2.2.15 and 2.2.32?
--Mark On Fri, 24 Nov 2017 21:37:47 -0800 Gary <li...@lazygranch.com> wrote: > Out of curiosity, do you do a !SSLv3 in the conf file? > > > Original Message >> From: mfo...@ohprs.org >> Sent: November 24, 2017 9:04 PM >> To: dovecot@dovecot.org >> Subject: Upgrade to 2.2.32 from 2.2.15 failed >> >> I have a problem. I have been running Dovecot 2.2.15 and I'd like to >> upgrade. My distro >> (Slackware) has dovecot 2.2.32 available. I downloaded and installed that, >> but it didn't work. >> No one was able to get messages from the dovecot server on their >> workstations. The following is >> the entire dovecot log file from startup to the last message generated. No >> more messages went >> into the logfile after line 76, even with clients trying to connect. The >> 174.233.134.88 IP is >> from an external user connecting from his iPhone. The normal successful >> message from this user >> are shown at bottom. >> >> I'm suspecting something to do with line 18 where is says "Auth process >> broken." If anyone has >> any insight I'd deeply appreciate it as I'd love to upgrade. >> >> THX -- Mark >> >> 1 Nov 24 19:22:24 master: Info: Dovecot v2.2.32 (dfbe293d4) starting up for >> imap (core dumps disabled) >> 2 Nov 24 19:22:24 ssl-params: Info: Generating SSL parameters >> 3 Nov 24 19:22:26 ssl-params: Info: SSL parameters regeneration completed >> 4 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x10, ret=1: before/accept >> initialization [174.233.134.88] >> 5 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: >> before/accept initialization [174.233.134.88] >> 6 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> client hello A [174.233.134.88] >> 7 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> server hello A [174.233.134.88] >> 8 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> certificate A [174.233.134.88] >> 9 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> key exchange A [174.233.134.88] >> 10 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> server done A [174.233.134.88] >> 11 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush >> data [174.233.134.88] >> 12 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> client certificate A [174.233.134.88] >> 13 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read >> client key exchange A [174.233.134.88] >> 14 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read >> client key exchange A [174.233.134.88] >> 15 Nov 24 19:23:02 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 16 Nov 24 19:23:02 auth: Debug: Module loaded: >> /usr/lib64/dovecot/auth/lib20_auth_var_expand_crypt.so >> 17 Nov 24 19:23:02 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 18 Nov 24 19:23:02 imap-login: Info: Disconnected: Auth process broken >> (disconnected before auth was ready, waited 0 secs): user=<>, >> rip=174.233.134.88, lip=98.102.63.107, TLS handshaking, >> session=<idAcrMNe8xqu6YZY> >> 19 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x10, ret=1: before/accept >> initialization [174.233.134.88] >> 20 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: >> before/accept initialization [174.233.134.88] >> 21 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> client hello A [174.233.134.88] >> 22 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> server hello A [174.233.134.88] >> 23 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> certificate A [174.233.134.88] >> 24 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> key exchange A [174.233.134.88] >> 25 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> server done A [174.233.134.88] >> 26 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush >> data [174.233.134.88] >> 27 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> client certificate A [174.233.134.88] >> 28 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read >> client key exchange A [174.233.134.88] >> 29 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read >> client key exchange A [174.233.134.88] >> 30 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> client key exchange A [174.233.134.88] >> 31 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> certificate verify A [174.233.134.88] >> 32 Nov 24 19:23:02 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read >> finished A [174.233.134.88] >> 33 Nov 24 19:23:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> finished A [174.233.134.88] >> 34 Nov 24 19:23:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> change cipher spec A [174.233.134.88] >> 35 Nov 24 19:23:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> finished A [174.233.134.88] >> 36 Nov 24 19:23:03 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush >> data [174.233.134.88] >> 37 Nov 24 19:23:03 imap-login: Debug: SSL: where=0x20, ret=1: SSL >> negotiation finished successfully [174.233.134.88] >> 38 Nov 24 19:23:03 imap-login: Debug: SSL: where=0x2002, ret=1: SSL >> negotiation finished successfully [174.233.134.88] >> 39 Nov 24 19:23:04 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 40 Nov 24 19:23:04 auth: Debug: Module loaded: >> /usr/lib64/dovecot/auth/lib20_auth_var_expand_crypt.so >> 41 Nov 24 19:23:04 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 42 Nov 24 19:23:04 imap-login: Info: Disconnected: Auth process broken >> (disconnected before auth was ready, waited 2 secs): user=<>, >> rip=174.233.134.88, lip=98.102.63.107, TLS, session=<YGw7rMNe+Rqu6YZY> >> 43 Nov 24 19:23:04 imap-login: Debug: SSL alert: close notify >> [174.233.134.88] >> 44 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x10, ret=1: before/accept >> initialization [174.233.134.88] >> 45 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: >> before/accept initialization [174.233.134.88] >> 46 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> client hello A [174.233.134.88] >> 47 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> server hello A [174.233.134.88] >> 48 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> certificate A [174.233.134.88] >> 49 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> key exchange A [174.233.134.88] >> 50 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> server done A [174.233.134.88] >> 51 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush >> data [174.233.134.88] >> 52 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> client certificate A [174.233.134.88] >> 53 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read >> client key exchange A [174.233.134.88] >> 54 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read >> client key exchange A [174.233.134.88] >> 55 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> client key exchange A [174.233.134.88] >> 56 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> certificate verify A [174.233.134.88] >> 57 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read >> finished A [174.233.134.88] >> 58 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read >> finished A [174.233.134.88] >> 59 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> change cipher spec A [174.233.134.88] >> 60 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write >> finished A [174.233.134.88] >> 61 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush >> data [174.233.134.88] >> 62 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x20, ret=1: SSL >> negotiation finished successfully [174.233.134.88] >> 63 Nov 24 19:23:05 imap-login: Debug: SSL: where=0x2002, ret=1: SSL >> negotiation finished successfully [174.233.134.88] >> 64 Nov 24 19:23:08 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 65 Nov 24 19:23:08 auth: Debug: Module loaded: >> /usr/lib64/dovecot/auth/lib20_auth_var_expand_crypt.so >> 66 Nov 24 19:23:08 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 67 Nov 24 19:23:08 imap-login: Info: Disconnected: Auth process broken >> (disconnected before auth was ready, waited 3 secs): user=<>, >> rip=174.233.134.88, lip=98.102.63.107, TLS, session=<7ZF4rMNe8hqu6YZY> >> 68 Nov 24 19:23:08 imap-login: Debug: SSL alert: close notify >> [174.233.134.88] >> 69 Nov 24 19:23:16 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 70 Nov 24 19:23:16 auth: Debug: Module loaded: >> /usr/lib64/dovecot/auth/lib20_auth_var_expand_crypt.so >> 71 Nov 24 19:23:16 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 72 Nov 24 19:23:16 imap-login: Info: Disconnected: Auth process broken >> (disconnected before auth was ready, waited 0 secs): user=<>, >> rip=192.168.0.54, lip=192.168.0.2, session=<6bbyrMNeGM/AqAA2> >> 73 Nov 24 19:24:13 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 74 Nov 24 19:24:13 auth: Debug: Module loaded: >> /usr/lib64/dovecot/auth/lib20_auth_var_expand_crypt.so >> 75 Nov 24 19:24:13 auth: Debug: Loading modules from directory: >> /usr/lib64/dovecot/auth >> 76 Nov 24 19:24:13 imap-login: Info: Disconnected: Auth process broken >> (disconnected before auth was ready, waited 0 secs): user=<>, >> rip=192.168.0.52, lip=192.168.0.2, session=<b75YsMNeb9nAqAA0> >> >> Normal OK messages from dovecot 2.2.15: >> >> Nov 24 23:50:49 imap-login: Debug: SSL: where=0x20, ret=1: SSL negotiation >> finished successfully [174.233.134.88] >> Nov 24 23:50:49 imap-login: Debug: SSL: where=0x2002, ret=1: SSL negotiation >> finished successfully [174.233.134.88] >> Nov 24 23:50:49 auth: Debug: client in: AUTH 1 PLAIN service=imap >> secured session=vQnEacde6QCu6YZY lip=98.102.63.107 >> rip=174.233.134.88 lport=993 rport=6889 >> resp=AG0udGhlbQAhbXRfMTAxOQ== (previous base64 data may contain sensitive >> data) >> Nov 24 23:50:49 auth-worker(17650): Debug: shadow(m.them,174.233.134.88): >> lookup >> Nov 24 23:50:49 auth: Debug: client passdb out: OK 1 user=m.them >> >> Finally, the 2.2.15 doveconf, which I used the same for 2.2.32: >> >> > doveconf -n >> # 2.2.15: /usr/local/etc/dovecot/dovecot.conf >> # OS: Linux 4.4.88 x86_64 Slackware 14.2 >> auth_debug = yes >> auth_debug_passwords = yes >> auth_gssapi_hostname = $ALL >> auth_krb5_keytab = /etc/dovecot/dovecot.keytab >> auth_mechanisms = plain login gssapi >> auth_use_winbind = yes >> auth_username_format = %n >> auth_verbose = yes >> auth_verbose_passwords = plain >> disable_plaintext_auth = no >> info_log_path = /var/log/dovecot_info >> mail_location = maildir:~/Maildir >> passdb { >> driver = shadow >> } >> protocols = imap >> ssl_cert = >> </etc/ssl/certs/OHPRS/GoDaddy/Apache/2016-08-10/54e789087d419b6e.crt >> ssl_key = </etc/ssl/certs/OHPRS/GoDaddy/mail.ohprs.org.key >> userdb { >> driver = passwd >> } >> verbose_ssl = yes